cancel
Showing results for 
Search instead for 
Did you mean: 
wajeeh_r
Level 9

Blocking any requests not matching defined AD groups

Dear All,

We have two MWG's and we are dividing our users based on two AD groups which are 'MWG1 and MWG2', but I noticed if a user is not in MWG1 and MWG2, he is able to browse internet from any of the gateway. I want to have a rule which should check that if a user is not found in any of above AD group, should block him with a message meaningful, should not allow him to browse.

Please advice how we can do this. See attached screen shot how we are controlling two groups.

Regards

0 Kudos
2 Replies
mbagheryan
Level 12

Re: Blocking any requests not matching defined AD groups

What is your network type, I mean, Are you using Proxy or Transparent Router?

In Both case you have to use Authentication server but it is a little different in each of them.

You can find your all answers by referring to below mentioned link:

https://community.mcafee.com/docs/DOC-4384

This is a perfect example written by

Enjoy.

M.B M

0 Kudos
Troja
Level 14

Re: Blocking any requests not matching defined AD groups

Hi,

are you using a HA-Cluster?? If yes, check how the proxy.ip settings property is filled.

Under Configuration -> proxies you can choose if the physical IP or the virtual IP is used.

Otherwise, try the rule tracing central to figure out how the properties are filled.

Cheers

0 Kudos